Skip to content

Instantly share code, notes, and snippets.

  1. Wiederholung High Level Flow (Beziehung ID Provider - Client - Resource Server) (Präsentation zeigen)
  2. [Backend und Frontend gestartet] Login durchführen. In der Frontend Log-Datei (Filter auf ApiFactory und MainActivity) das Access Token, Expiration Time und die zurückgegebenen User-Daten zeigen.
  3. Access Token Inhalt in https://jwt.io (zeigen) (die Expiry Time könnte man noch bei https://www.epochconverter.com/ dekodieren)
  4. Backend: WebSecurityConfig zeigen --> hier ist die abgesicherte Route festgelegt; Resource Server Konfigurations-Details im JwtDecoder (keine weitere Erklärung). Authentication relevante Klassen im Package authentication (aufklappen).
  5. Frontend: ApiFactory zeigen --> Zufügung des Authentication Headers über den Authenticator (keine weitere Erklärung)
  6. Zum Einschalten des abgesicherten Zugriffs: im Frontend, UserProfileApi, im ersten @Get() secure/ einfügen:
public interface UserProfileApi {

Spring Boot Resource Server Configuration

The following description refers to the current implementation of a secure REST API for the Mayo project. It is NOT the simplest possible implementation of a Spring Boot Resource Server, which requires much less code. For a choice of simpler configuration options, please refer to the official Spring Security documentation, which is anyway an excellent starting point for deeper understanding. The main driver for the additional complexity here is the objective to cover authenticated access to the resources with authentication tokens provided by different entities.

pom.xml

Add the following dependency:

<dependency>
    <groupId>org.springframework.boot</groupId>
 spring-boot-starter-oauth2-resource-server

Android: REST API, Repository, ViewModel, LiveData

Changes are described starting from the status after the previous live coding (Android Restcall with Retrofit)

Package Structure below de.telekom.mayo.frontend.android.mayo:

  • api: the Retrofit interfaces and the Retrofit factory that also creates the implementations of the interfaces
  • model: the Java object representations (entitites) for the data structures offered via the REST API
  • repo: the repositories that provide all the CRUD methods for the REST API; one per entity
  • profile: user interface related classes around the user profile, e.g. activities, viewmodels, adapters
' or 1=1 -- (wie vorgegeben) in username oder password
' or true -- in username oder password
bob' -- in username Zeile ("geraten :-)")
@51enra
51enra / NON-EXISTENT
Created December 5, 2019 14:51
Usage of curl
Header response for non-existent page
HTTP/1.1 404 Not Found
Date: Thu, 05 Dec 2019 14:26:46 GMT
Server: Apache
Last-Modified: Thu, 05 Mar 2015 08:44:26 GMT
ETag: "220-51086934dd7f3"
Accept-Ranges: bytes
Content-Length: 544
Content-Type: text/html
mysql> SELECT team.name team, COUNT(*) AS nb_players -> FROM player
-> JOIN team ON player.team_id = team.id
-> GROUP BY player.team_id
-> ORDER BY nb_players DESC;
+------------+------------+
| team | nb_players |
+------------+------------+
| Gryffindor | 36 |
| Slytherin | 21 |
| Ravenclaw | 15 |
mysql> SELECT lastname, firstname, player.role, team.name AS team
-> FROM wizard
-> JOIN player ON wizard_id = wizard.id
-> JOIN team ON player.team_id = team.id
-> ORDER BY team.name, player.role, lastname, firstname;
+-----------------+-------------+--------+------------+
| lastname | firstname | role | team |
+-----------------+-------------+--------+------------+
| Black | Sirius | beater | Gryffindor |
| Brown | Lavender | beater | Gryffindor |
@51enra
51enra / gist:a7bd1611879b29524510326ad6e1b2f2
Created December 2, 2019 12:03
Wild Code School SQL Quest 3
mysql> INSERT INTO school (name,country, capacity) VALUES
-> ('Beauxbatons Academy of Magic', 'France', 550),
-> ('Castelobruxo', 'Brazil', 380),
-> ('Hogwarts School of Witchcraft and Wizardry', 'United Kingdom', 450),
-> ('Ilvermorny School of Witchcraft and Wizardry', 'USA', 300),
-> ('Koldovstoretz', 'Russia', 125),
-> ('Mahoutokoro School of Magic', 'Japan', 800),
-> ('Uagadou School of Magic', 'Uganda', 350),
-> ('Durmstrang Institute', 'Norway', 570);
@51enra
51enra / gist:6b798139d2e7c27f349fcb1fa8f45ff1
Created December 2, 2019 10:34
Wild Code Scool SQL Quest 2
SELECT * FROM wizard WHERE birthday BETWEEN '1975-01-01' AND '1985-12-31';
+----+-----------+----------+------------+-------------+---------------------------------------+-----------+
| id | firstname | lastname | birthday | birth_place | biography | is_muggle |
+----+-----------+----------+------------+-------------+---------------------------------------+-----------+
| 1 | harry | potter | 1980-07-31 | london | | 0 |
| 2 | hermione | granger | 1979-09-19 | | Friend of Harry Potter | 0 |
| 4 | ron | weasley | 1980-03-01 | | Best friend of Harry | 0 |
| 5 | ginny | weasley | 1981-08-11 | | Sister of Ron and girlfriend of Harry | 0 |
| 6 | fred | weasley | 1978-04-01 | | | 0 |